Legal Business Blogs

Sponsored briefing: Overview of the key legal issues in the TMT sector in China

Partners from Haiwen & Partners take an in-depth look at TMT in China

The TMT (commonly known to represent ‘technology, media and telecom’) sector covers businesses in the areas of telecom, media and online-related or digital technologies. Typically, such businesses include internet content services (eg, social network, online audio and video, content search engine, etc.), e-commerce business, AI solution providers, data and digital services, and other similar businesses.

In addition to internet companies or digital service providers which belong to the category of ‘new economy’ business and focus on the TMT sector, large amount of companies in the ‘traditional industries’ (eg, vehicle manufacturers, pharmaceutical companies, consumable commodity companies, etc.) launch their ‘digitalisation transformation’ and start operating e-commerce services and online marketing and membership programs, and feel eager to obtain and enrich their consumers’ user profiling. Such activities are probably deemed as part of the ‘TMT’ operations and should pay attention to legal issues of the TMT sector.

Among other issues, the regulatory framework of the TMT sector in China highlights three topics. The first topic is whether an operator needs to obtain specific permits and whether certain permits have restrictions on foreign investors. The second topic is an operator’s obligation of personal information protection, data compliance and online content administration. The third topic is whether and how an operator should pay attention to and comply with requirements of antitrust and competition regulations when they conduct operations related to the TMT sector.

I. Typical permits in the TMT sector and relevant foreign investment restrictions

The TMT sector has been blooming for decades in China, and laws to regulate the TMT sector are evolving along the decades. Nowadays, operation of most TMT businesses is subject to permits. In the context of foreign investment in the TMT sector in China, another crucial question is whether a specific TMT business is restricted or prohibited to foreign investment, as the answer to this question would have a decisive impact on the structure or steps of an investment or operation decision by foreign companies. For example, a popular business structure named the structure of ‘variable interest entities’ has come into play for more than two decades to enable foreign investors to control (without owning equity interest) and obtain economic benefits from a company in certain TMT businesses prohibited or restricted for foreign investors. Another feasible option is co-operation with domestic operator. For example, a foreign investor who intends to run basic cloud service business in China (a business subject to foreign investment prohibition) would usually co-operate with a domestic operator holding an IDC licence. For certain TMT businesses, on the other hand, it may be more difficult and time-consuming to obtain required permits due to the foreign shareholding issue.

(a) Telecommunications area

Telecommunications services are categorised into two main types, ie, basic telecommunications services and value-added telecommunications services. When an investor in the China market talks about investments in the TMT sector, most of the times they are referring to investments in the value-added telecommunications services (such as information service, IDC service, online data processing and transaction processing service, etc.). For most value-added telecommunications services, there are corresponding permits and foreign shareholding restrictions (see the table for more details).

(b) Entertainment and media area

Typical permits in the entertainment and media area include the Permit of Publication of Audio-Visual Programs through Information Network, the Permit of Internet Culture Business, the Internet Publishing Service Licence, and the Permit of Radio and Television Program Production and Operation, etc.

The TMT sector has been blooming for decades in China, and laws to regulate the TMT sector are evolving along the decades. Nowadays, operation of most TMT businesses is subject to permits.

Foreign investments are prohibited in most entertainment and media businesses, including but not limited to: (i) internet news and information services, internet publishing services, internet audio-visual program services, and internet culture business (except for music), (ii) news institutions (including but not limited to news agencies), (iii) editing, publishing and production of books, newspapers, periodicals, audio-visual products and electronic publications, (iv) radio and television program production and operation companies, and (v) film production companies, distribution companies, cinema companies and film import business.

(c) Other areas

Typical permits in other TMT businesses include the Payment Business Permit for payment-related business, the Qualification Certificate of Surveying and Mapping for map/navigation business, and the E-hailing Business Permit for E-hailing services, etc.

Certain restrictions are established in a foreign investment negative list issued by governmental authorities with respect to such specific business areas. Authorities governing specific areas may also impose industry-focused restrictions on foreign investment. Take the Payment Business Permit for instance,the application for such permit, in theory, needs to be submitted to the People’s Bank of China for review, while in fact, this permit has never been issued to a foreign-invested entity before 2018.

II. Key issues in the areas of personal information protection, data compliance, and online content administration.

Businesses in the TMT sector need to process large amount of personal information as well as other types of data. Operators need to fulfil the obligation of personal information protection and data compliance. Also, if a business provides account services and online information services (eg, most social networking services and e-commerce services), its operator needs to pay attention to the administration obligation for its account services and online content services.

(a) Personal information protection

The most fundamental rules governing this area are provided in the Personal Information Protection Law of the PRC (PIPL). PIPL adopts a regulatory approach similar to the General Data Protection Regulation in the European Union.
A personal information processor needs to pay attention to the following issues:

  • Lawful basis and detailed requirements on obtaining consent

A processor must have a lawful basis before it processes personal information. Typical lawful basis used in daily business operation include (1) consent from individuals,(2) necessity for the performance of a contract to which the individual is a party, and (3) necessity for carrying out human resources management. The lawful basis of consent is the most frequently used one, and a processor needs to follow regulatory requirements to obtain consent in a lawful and adequate manner. Regulatory rules have certain specific and detailed requirements for how to obtain consent under specific scenarios (eg, to process sensitive personal information, a processor needs to obtain ‘separate consent’).

  • Cross-border transfer

If a processor intends to transfer personal information to an entity in another jurisdiction, it should obtain each involved individual’s separate consent, conduct personal information protection impact assessment, and meet one of the following requirements: (1) it needs to enter into a standard contract issued by authority with offshore recipient, (2) it needs to obtain personal data protection certification by specific professional organisations (but the implementation rules have not yet been issued), and (3) if it transfers personal information in certain amount above a threshold, it needs to pass the security assessment organised by the regulatory authority.

(b) Data compliance: data security and cyber security

The most fundamental requirements in this area are established in the Data Security Law of the PRC and the Cybersecurity Law of the PRC.

A data processor needs to classify and categorise the data it processes. If some data is identified as ‘important data’ through such categorisation, the processor needs to comply with stricter requirements to protect important data. Also, regulatory authorities will identify and determine whether certain system, equipment or facility is ‘critical information infrastructure’ (CII), and the operator of CII is subject to strict protection requirements on CII operators. For example, if a data processor intends to transfer important data to offshore recipient, or a CII operator intends to transfer personal information to offshore recipient, it needs to file and pass the security assessment organised by regulatory authority.

Also, if an operator runs IT system in China, it needs to evaluate its IT system and, with the help of external experts and agencies, determine which mandatory protection level should its IT system have, and file such determined protection level with authorities for record filing. It should further improve its IT system to meet the requirement on such protection level.

(c) Online content administration

If a business provides online account services (eg, a social networking app permits users to register and use an account to send messages and post information), the operator needs to ensure that the account name does not confuse the general public and does not contain illegal contents. If such account service provides information posting services or instant messaging services, the operator should complete the real-name authentication for each user.

If an operator provides online information service in certain specific areas (eg, in the areas of financial information service, online live-streaming services, news information services, and information search engine services), or such operator uses certain technologies (eg, it applies algorithm recommendation technologies to provide internet information services) or adopt certain specific service model (eg, it provides internet pop-up window information push services), such operator needs to comply with detailed compliance requirements in such specific regulated areas.

III. China’s antitrust and competition regulations and practices in the digital industry

Digital industry is an important part of the TMT sector.
Recent antitrust regulations in China manifest continuously intensifying scrutiny over digital platforms.

(a) Legislation and policy on digital industry

  • On 7 February 2021, the regulatory authority released Antitrust Guidelines on Platform Economy, which intends
    to address various current issues involving the platform economy and provide guidance for market players in the
    digital industry.
  • On 1 August 2022, the amendment to China Anti-Monopoly Law (the ‘Amended AML’) came into effect. Notably, some of the amendments are tailored to digital market, highlighting antitrust enforcement against digital platforms.
  • Similar to Europe’s approach in the Digital Marketing Act and Digital Services Act which place additional requirements and restrictions on online ‘gatekeepers’, the State Administration for Market Regulation (SAMR) published the draft Guidelines on Classification and Grading of Internet Platforms and the draft Guidelines on Internet Platform Liability for public opinion on 29 October 2021. These drafts provide that
    ultra-large platforms should be subject to more obligations than smaller ones.

(b) Antitrust compliance risk in focus

In the background of intensifying scrutiny in digital markets, companies that operate in digital industry need to be mindful of the following antitrust compliance risks.

  • Companies need to avoid entering into a monopoly agreement, which means an agreement, decision or other concerted act that excludes or restricts competition. In the area of digital platforms, among other things, SAMR’s key focus are algorithmic collusions, ‘hub-and-spoke’ cartels and most-favoured-nation (MFN) clauses adopted by the market players.
  • If a company represents significant market share in the relevant digital sector amounting to market dominance, it needs to examine whether its business practices constitute abuse of dominance, such as ‘big data killing’ (using algorithms for price discrimination), and ‘either-or’ mandates (where a platform mandates the operators on the platform to operate on this platform exclusively). In 2021, SAMR published decisions against digital platform companies and punish their abuse of dominance. For example, Alibaba was found to have conducted ‘either-or’ and received the largest anti-monopoly fine ever imposed (RMB18.3 billion, 4% of its entire group sales in China in 2019). Meituan was imposed a fine of RMB 3.4 billion, amounting to 3% of its 2020 sales in China, on similar grounds.
  • If a company makes corporate transactions in China, including M&A, minority investment, joint ventures, strategic alliances and business partnership, it should be mindful of antitrust pre-clearance requirements. Any transaction constituting ‘concentration of undertakings’and meeting certain turnover thresholds are required to be notified with SAMR before closing, or else the parties
    would be subject to administrative punishment for failure to notify, ie, ‘gun jumping’. In 2021, SAMR issued fine for‘gun jumping’ behaviour in around 100 cases, 84 of which involved companies in the TMT sector. Now harsher punishments of gun-jumping can be imposed to enterprises under the Amended AML – the maximum fine now is increased to 10% of the party’s turnover for the past financial year, with a cap of RMB 5 million if the un-notified transaction raises no anticompetitive concern. Also worth mentioning are new laws on ‘killer acquisitions’ where SAMR is considering introducing a valuation threshold to catch the acquisition of star-ups with insignificant turnover and SAMR is entitled to call in for transactions falling below the thresholds.

(c) Competition compliance risk in focus

The Anti-unfair Competition Law (AUCL) has been one of the most frequently enforced laws in China, particularly in respect of commercial bribery and advertisement violations.

On 17 August 2021, SAMR issued the draft Provisions
Against Online Unfair Competition Practices for public opinion, which intends to regulate traditional unfair competition practices such as counterfeiting and confusion, false advertising and commercial disparagement in digital market, and also to regulate new types of unfair competition practices in the TMT sector, including traffic hijacking, undue interference and malicious incompatibility.

Category and corresponding permit Examples Foreign shareholding restriction
Foreign investors (WTO) Hong Kong and Macau Investors (CEPA)
Free trade zone Other areas
B25- Information Services: ICP WeChat, Baidu For ‘Application Stores’ business: no restriction for other business ≤50% ≤50% For ‘Application Stores’ business: no restriction; for other business: ≤50%
B14-Internet access services: ISP Dr. Peng, Great Wall Broadband Network For ‘Access Service for Internet Users’ business: no restriction; for other business: 0% 0% For ‘Access Service for Internet Users’ business: no restriction; for other business: 0%
B11-Internet data centre services: IDC Alibaba Cloud, Tencent Cloud 0% ≤50%
B12-Content delivery network services: CDN WANGSU, VNET 0% ≤50%
B21-Online data processing and transaction processing services: EDI Taobao, JD For ‘For-profit E-commerce’ business: no restriction; for other business: ≤50%
B22 – Domestic multi-party Communication services BizConf, Com-Meeting No restriction
B24-Call centre services Yourssoft, Justcall No restriction

1. ‘CEPA’ means the Agreement on Amending the Agreement on Trade in Services under the Mainland and Hong Kong Closer Economic Partnership Arrangement (2020) and the Agreement on Amending the Agreement on Trade in Services under the Mainland and Macao Closer Economic Partnership Arrangement (2020).

Authors

Mr. Fu Peng:
傅鹏
Fu, Peng (Victor)
合伙人 Partner
电话Tel: (+86 10) 8560 6888
直线Dir: (+86 10) 8560 6968
传真Fax: (+86 10) 8560 6999
手机Mob: (+86) 139 1141 3265
电子邮件Email: fupeng@haiwen-law.com

 

 

Ms. Zou Yige:
邹一格 合伙人
Zou, Yige Partner
电话Tel: (+86 21) 6043 5000
直线Dir: (+86 21) 6043 5098
传真Fax: (+86 21) 5298 5030
手机Mob: (+86) 136 4193 3050
电子邮件Email: zouyige@haiwen-law.com

 

 

Mr. Lin Xixiang:
林熙翔 合伙人
Lin, Xixiang Partner
电话Tel: (+86 10) 8560 6888
直线Dir: (+86 10) 8560 6977
传真Fax: (+86 10) 8560 6999
手机Mob: (+86) 139 1118 6574
电子邮件Email: linxixiang@haiwen-law.com

Return to TMT Yearbook contents